Is there a reason S/MIME and OpenPGP do not coexist?
-
For example, one provider and client like proton mail only uses OpenPGP and apple mail client only supports s/mime. Why is that? Why can we not have Proton mail support both, end of the story. Ain’t it?
-
System shared this topic on
-
For example, one provider and client like proton mail only uses OpenPGP and apple mail client only supports s/mime. Why is that? Why can we not have Proton mail support both, end of the story. Ain’t it?
S/MIME is insecure, outdated, depreciated, and should be discontinued; yet people don't want to adapt or grow or change.
Because some organizations do use S/MIME; all email software is required to implement it, that is if they want to be adopted and used by said influential organizations.
OpenPGP and PGP in general is secure but suffers from usability issues and is often wrongly painted as user-unfriendly. (it's really no worse than S/MIME, installing and managing keys is exactly the same hassle as it is with S/MIME.) The main issue is that some people are too lazy or resistant to change to adapt to it.
-
For example, one provider and client like proton mail only uses OpenPGP and apple mail client only supports s/mime. Why is that? Why can we not have Proton mail support both, end of the story. Ain’t it?
Most email clients I've used can work with either, but there's no point in using both.
-
S/MIME is insecure, outdated, depreciated, and should be discontinued; yet people don't want to adapt or grow or change.
Because some organizations do use S/MIME; all email software is required to implement it, that is if they want to be adopted and used by said influential organizations.
OpenPGP and PGP in general is secure but suffers from usability issues and is often wrongly painted as user-unfriendly. (it's really no worse than S/MIME, installing and managing keys is exactly the same hassle as it is with S/MIME.) The main issue is that some people are too lazy or resistant to change to adapt to it.
it's really no worse than S/MIME
That’s damning with faint praise if I ever heard it.
The biggest problem of OpenPGP is key management. The web of trust is fine but key rotation is an absolute nightmare. And I say this as someone who has been comfortable using it for 27 years.
-
S/MIME is insecure, outdated, depreciated, and should be discontinued; yet people don't want to adapt or grow or change.
Because some organizations do use S/MIME; all email software is required to implement it, that is if they want to be adopted and used by said influential organizations.
OpenPGP and PGP in general is secure but suffers from usability issues and is often wrongly painted as user-unfriendly. (it's really no worse than S/MIME, installing and managing keys is exactly the same hassle as it is with S/MIME.) The main issue is that some people are too lazy or resistant to change to adapt to it.
Funny thing to me about this is that I’ve been using PGP since 1993. OpenPGP became an RFC standard in 2007.
S/MIME became an RFC standard in 1999. And that’s really the reason it has stuck around. It got an 8 year head start on OpenPGP, despite PGP itself being used in email as far back as 1991.
-
For example, one provider and client like proton mail only uses OpenPGP and apple mail client only supports s/mime. Why is that? Why can we not have Proton mail support both, end of the story. Ain’t it?
Email is like IRC, outdated and inherently insecure, and awesome and I still use it knowing that. It's insane that everything started using email for real government and business shit to begin with. You can't 'secure' it as it is, even with this endpipe cosigning crap. I say just avoid email for sensitive comms altogether, treat it like the public mailbox it is, like IRC
-
For example, one provider and client like proton mail only uses OpenPGP and apple mail client only supports s/mime. Why is that? Why can we not have Proton mail support both, end of the story. Ain’t it?
Microsoft wants GPG/PGP dead and if it isn't in outlook, corporate won't use it and if corporate don't use it, there's no business incentive for services either.
-
System shared this topic on
